DOCSLIB.ORG

Generating Random Permutations by Coin-Tossing: Classical Algorithms, New Analysis and Modern Implementation

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Generating Random Permutations by Coin-Tossing: Classical Algorithms, New Analysis and Modern Implementation Generating random permutations by coin-tossing: classical algorithms, new analysis and modern implementation Axel Bacher| , Olivier Bodini| , Hsien-Kuei Hwang~ , and Tsung-Hsi Tsai~ | LIPN, Universite´ Paris 13, Villetaneuse, France ~ Institute of Statistical Science, Acamedia Sinica, Taipei, Taiwan March 10, 2016 Abstract Several simple, classical, little-known algorithms in the statistical literature for generating random permutations by coin-tossing are examined, analyzed and implemented. These algo- rithms are either asymptotically optimal or close to being so in terms of the expected number of times the random bits are generated. In addition to asymptotic approximations to the expected complexity, we also clarify the corresponding variances, as well as the asymptotic distribu- tions. A brief comparative discussion with numerical computations in a multicore system is also given. 1 Introduction Random permutations are indispensable in widespread applications ranging from cryptology to statistical testing, from data structures to experimental design, from data randomization to Monte Carlo simulations, etc. Natural examples include the block cipher (Rivest, 1994), permutation tests (Berry et al., 2014) and the generalized association plots (Chen, 2002). Random permutations are also central in the framework of Boltzmann sampling for labeled combinatorial classes (Flajolet et al., 2007) where they intervene in the labeling process of samplers. Finding simple, efficient and cryptographically secure algorithms for generating large random permutations is then of vi- tal importance in the modern perspective. We are concerned in this paper with several simple classical algorithms for generating random permutations (each with the same probability of being This research was partially supported by the ANR-MOST Joint Project MetAConC under the Grants ANR 2015- BLAN-0204 and MOST 105-2923-E-001-001-MY4. 1 generated), some having remained little known in the statistical and computer science literature, and focus mostly on their stochastic behaviors for large samples; implementation issues are also discussed. Algorithm Laisant-Lehmer: when UnifŒ1; n! is available (Here and throughout this paper UnifŒa; b represents a discrete uniform distribution over all integers in the interval Œa; b.) The earliest algorithm for generating a random permutation dated back to Laisant’s work near the end of the 19th century (Laisant, 1888), which was later re-discovered in (Lehmer, 1960). It is based on the factorial representation of an integer k c1.n 1/! c2.n 2/! cn 11! .0 6 k < n!/; D C C C where 0 6 cj 6 n j for 1 6 j 6 n 1. A simple algorithm implementing this representation then proceeds as follows; see (Devroye, 1986, p. 648) or (Robson, 1969). Let k UnifŒ0; n! 1. The first element of the ran- D dom permutation is c1 1, which is then removed from 1;:::; n . The next elementC of the random permutation Algorithm 1: LL.n; c/ f g will then be the .c2 1/st element of the n 1 remaining Input: c: an array with n elements elements. ContinueC this procedure until the last element Output: A random permutation on c is removed. A direct implementation of this algorithm begin 1 u UnifŒ1; n!; results in a two-loop procedure; a simple one-loop proce- WD dure was devised in (Robson, 1969) and is shown on the 2 for i n downto 2 do WD u 3 t ; j u i t 1; right; see also (Plackett, 1968) and Devroye’s book (De- WD i WD C 4 swap.ci; cj /; u t; vroye, 1986, ~XIII.1) for variants, implementation details WD and references. This algorithm is mostly useful when n is small, say less than 20 because n! grows very fast and the large number arithmetics involved reduce its effi- ciency for large n. Also the generation of the uniform distribution is better realized by the coin- tossing algorithms described in Section2. Algorithm Fisher-Yates (FY): when UnifŒ1; n is available One of the simplest and mostly widely used algorithms (based on a given sequence of distinct numbers c1;:::; cn ) for generat- ing a random permutation is the Fisher-Yates or Knuth shuffle (in its modernf form byg Durstenfeld (Durstenfeld, 1964); see Wikipedia’s page on Fisher-Yates shuffle and (Devroye, 1986; Dursten- feld, 1964; Fisher and Yates., 1948; Knuth, 1998a) for more information). The algorithm starts by swapping cn with a ran- domly chosen element in c1;:::; cn (each with the Algorithm 2: FY.n; c/ same probability of beingf selected), andg then repeats Input: c: an array with n > 2 elements the same procedure for cn 1,..., c2. See also the re- Output: A random permutation on c cent book (Berry et al., 2014) or the survey paper (Rit- begin ter, 1991) for a more detailed account. 1 for i n downto 2 by 1 do WD Such an algorithm seems to have it all: single loop, 2 j UnifŒ1; i; swap.ci; cj / one-line description, constant extra storage, efficient WD 2 and easy to code. Yet it is not optimal in situations such as (i) when only a partial subset of the permuted elements is needed (see (Black and Rogaway, 2002; Brassard and Kannan, 1988)), (ii) when imple- mented on a non-array type data structure such as a list (see (Ressler, 1992)), (iii) when numerical truncation errors are inherent (see (Kimble, 1989)), and (iv) when a parallel or distributed comput- ing environment is available (see (Anderson, 1990; Langr et al., 2014)). On the other hand, at the memory access level, a direct generation of the uniform random variable results in a higher rate of cache miss (see (Andres´ and Perez´ , 2011)), making it less efficient than it seems, notably when n is very large; see also Section6 for some implementation and simulation aspects. Finally, this algo- rithm is sequential in nature and the memory conflict problem is subtle in parallel implementation; see (Waechter et al., 2011). Note that the implementation of this algorithm strongly relies on the availability of a uniform random variate generator, and its bit-complexity (number of random bits needed) is of linearithmic order (not linear); see (Lumbroso, 2013; Sandelius, 1962)) and below for a detailed analysis. From unbounded uniforms to bounded uniforms? Instead of relying on uniform distribution with very large range, our starting question was: can we generate random permutations by bounded uniform distributions (for example, by flipping unbiased coins)? There are at least two different ways to achieve this: Fisher-Yates type: simulate the uniform distribution used in Fisher-Yates shuffle by coin- tossing, which can be realized either by von Neumann’s rejection method (von Neumann, 1951) or by the Knuth-Yao algorithm (for generating a discrete distribution by unbiased coins; see (Devroye, 1986; Knuth and Yao, 1976)) and Section2, and divide-and-conquer type: each element flips an unbiased coin and then depending on the outcome being head or tail divide the elements into two groups. Continue recursively the same procedure for each of the two groups. Then a random resampling is achieved by an inorder traversal on the corresponding digital tree; see the next section for details. This realization induces naturally a binary trie (Knuth, 1998b), which is closely related to a few other binomial splitting processes that will be briefly described below; see (Fuchs et al., 2014). It turns out that exactly the same binomial splitting idea was already developed in the early 1960’s in the statistical literature in (Rao, 1961) and independently in (Sandelius, 1962), and an- alyzed later in (Plackett, 1968). The papers by Rao and by Sandelius also propose other variants, which have their modern algorithmic interests per se. However, all these algorithms have remained little known not only in computer science but also in statistics (see (Berry et al., 2014; Devroye, 1986)), partly because they rely on tables of random digits instead of more modern computer generated random bits although the underlying principle remains the same. Since a complete and rigorous analysis of the bit-complexity of these algorithms remains open, for historical reasons and for completeness, we will provide a detailed analysis of the algorithms proposed in (Rao, 1961) and (Sandelius, 1962) (and partially analyzed in (Plackett, 1968)) and two versions of Fisher-Yates 3 with different implementations of the underlying uniform UnifŒ0; n 1 by coin-tossing: one re- lying on von Neumann’s rejection method (Devroye and Gravel, 2015; von Neumann, 1951) and the other on Knuth-Yao’s tree method (Devroye, 1986; Knuth and Yao, 1976). As the ideas of these algorithms are very simple, it is no wonder that similar ideas also appeared in computer science literature but in different guises; see (Barker and Kelsey, 2007; Flajolet et al., 2011; Koo et al., 2014; Ressler, 1992) and the references therein. We will comment more on this in the next section. We describe in the next section the algorithms we will analyze in this paper. Then we give a complete probabilistic analysis of the number of random bits used by each of them. Implemen- tation aspects and benchmarks are briefly discussed in the final section. Note that Fisher-Yates shuffle and its variants for generating cyclic permutations have been analyzed in (Louchard et al., 2008; Mahmoud, 2003; Prodinger, 2002; Wilson, 2009) but their focus is on data movements rather than on bit-complexity. 2 Generating random permutations by coin-tossing We describe in this section three algorithms for generating random permutations, assuming that a bounded uniform UnifŒ0; r 1 is available for some fixed integer r > 2. The first algorithm relies on the divide-and-conquer strategy
Load more

Recommended publications
  • Optimal Discrete Uniform Generation from Coin Flips, and Applications
    Optimal Discrete Uniform Generation from Coin Flips, and Applications Jérémie Lumbroso April 9, 2013 Abstract This article introduces an algorithm to draw random discrete uniform va- riables within a given range of size n from a source of random bits. The al- gorithm aims to be simple to implement and optimal both with regards to the amount of random bits consumed, and from a computational perspective— allowing for faster and more efficient Monte-Carlo simulations in computa- tional physics and biology. I also provide a detailed analysis of the number of bits that are spent per variate, and offer some extensions and applications, in particular to the optimal random generation of permutations. Now that simulations can be run extremely fast, they are routinely able to consume over a billion random variates an hour—and several orders of magnitude more throughout an execution. At such a point, the amount of pseudo-randomness at our disposal may eventually become a real issue, and it is pertinent to devise techniques that are economical with respect to the amount of randomness consumed, while remaining as or more efficient than existing techniques with regards to speed and space usage. The random-bit model. Much research has gone into simulating probability dis- arXiv:1304.1916v1 [cs.DS] 6 Apr 2013 tributions, with most algorithms designed using infinitely precise continuous uni- form random variables (see [1, II.3.7]). But because (pseudo-)randomness on com- puters is typically provided as 32-bit integers—and even bypassing issues of true randomness and bias—this model is questionable. Indeed as these integers have a fixed precision, two questions arise: when are they not precise enough? when are they too precise? These are questions which are usually ignored in typical fixed- precision implementations of the aforementioned algorithms.
    [Show full text]
  • Haystack Hunting Hints and Locker Room Communication∗
    Haystack Hunting Hints and Locker Room Communication∗ Artur Czumaj † George Kontogeorgiou ‡ Mike Paterson § Abstract We want to efficiently find a specific object in a large unstructured set, which we model by a random n-permutation, and we have to do it by revealing just a single element. Clearly, without any help this task is hopeless and the best one can do is to select the element at random, and 1 achieve the success probability n . Can we do better with some small amount of advice about the permutation, even without knowing the object sought? We show that by providing advice of just one integer in 0; 1; : : : ; n 1 , one can improve the success probability considerably, by log n f − g a Θ( log log n ) factor. We study this and related problems, and show asymptotically matching upper and lower bounds for their optimal probability of success. Our analysis relies on a close relationship of such problems to some intrinsic properties of random permutations related to the rencontres number. 1 Introduction Understanding basic properties of random permutations is an important concern in modern data science. For example, a preliminary step in the analysis of a very large data set presented in an unstructured way is often to model it assuming the data is presented in a random order. Un- derstanding properties of random permutations would guide the processing of this data and its analysis. In this paper, we consider a very natural problem in this setting. You are given a set of 1 n objects ([n 1], say ) stored in locations x ; : : : ; x − according to a random permutation σ of − 0 n 1 [n 1].
    [Show full text]
  • Secure Multi-Party Shuffling
    Secure Multi-Party Shuffling? Mahnush Movahedi, Jared Saia, and Mahdi Zamani Department of Computer Science, University of New Mexico fmovahedi, saia, [email protected] Abstract. In secure multi-party shuffling, multiple parties, each holding an input, want to agree on a random permutation of their inputs while keeping the permutation secret. This problem is important as a primitive in many privacy-preserving applications such as anonymous communication, location-based services, and electronic voting. Known techniques for solving this problem suffer from poor scalability, load-balancing issues, trusted party assumptions, and/or weak security guarantees. In this paper, we propose an unconditionally-secure protocol for multi-party shuffling that scales well with the number of parties and is load-balanced. In particular, we require each party to send only a polylogarithmic number of bits and perform a polylogarithmic number of operations while incurring only a logarithmic round complexity. We show security under universal composability against up to about n=3 fully-malicious parties. We also provide simulation results showing that our protocol im- proves significantly over previous work. For example, for one million parties, when compared to the state of the art, our protocol reduces the communication and computation costs by at least three orders of magnitude and slightly decreases the number of communication rounds. 1 Introduction Shuffling a sequence of values is a fundamental tool for randomized algorithms; applications include fault-tolerant algorithms, cryptography, and coding theory. In secure multi-party shuffling (MPS) problem, a group of parties each holding an input value want to randomly permute their inputs while ensuring no party can map any of the outputs to any of the input holders better than can be done with a uniform random guess.
    [Show full text]
  • On the Efficiency of Random Permutation for ADMM And
    Page 1 of 44 Information Systems Research MATHEMATICS OF OPERATIONS RESEARCH INFORMS Vol. 00, No. 0, Xxxxx 0000, pp. 000{000 doi 10.1287/xxxx.0000.0000 0364-765X j 1526-5471 j 00 j 0000 j 0001 issn eissn c 0000 INFORMS Authors are encouraged to submit new papers to INFORMS journals by means of a style file template, which includes the journal title. However, use of a template does not certify that the paper has been accepted for publication in the named jour- nal. INFORMS journal templates are for the exclusive purpose of submitting to an INFORMS journal and should not be used to distribute the papers in print or online or to submit the papers to another publication. On the Efficiency of Random Permutation for ADMM and Coordinate Descent * Ruoyu Sun University of Illinois Urbana-Champaign, [email protected] Zhi-Quan Luo Chinese University of Hong Kong (Shenzhen), University of Minnesota [email protected] Yinyu Ye Stanford University, [email protected] Random permutation is observed to be powerful for optimization algorithms: for multi-block ADMM (alter- nating direction method of multipliers), while the classical cyclic version divergence, the randomly permuted version converges in practice; for BCD (block coordinate descent), the randomly permuted version is typically faster than other versions. In this paper, we provide strong theoretical evidence that random permutation has positive effects on ADMM and BCD, by analyzing randomly permuted ADMM (RP-ADMM) for solving linear systems of equations, and randomly permuted BCD (RP-BCD) for solving unconstrained quadratic problems. First, we prove that RP-ADMM converges in expectation for solving systems of linear equations.
    [Show full text]
  • Arxiv:1809.04571V4 [Stat.CO] 5 Jan 2020
    Springer manuscript No. (will be inserted by the editor) Efficient generation of random derangements with the expected distribution of cycle lengths J. Ricardo G. Mendonc¸a Submitted: January 7, 2020 Abstract We show how to generate random derangements efficiently by two different tech- niques: random restricted transpositions and sequential importance sampling. The algorithm employing restricted transpositions can also be used to generate random fixed-point-free in- volutions only, a. k. a. random perfect matchings on the complete graph. Our data indicate that the algorithms generate random samples with the expected distribution of cycle lengths, which we derive, and for relatively small samples, which can actually be very large in ab- solute numbers, we argue that they generate samples indistinguishable from the uniform distribution. Both algorithms are simple to understand and implement and possess a perfor- mance comparable to or better than those of currently known methods. Simulations suggest that the mixing time of the algorithm based on random restricted transpositions (in the total a 2 1 variance distance with respect to the distribution of cycle lengths) is O(n logn ) with a ' 2 and n the length of the derangement. We prove that the sequential importance sampling algorithm generates random derangements in O(n) time with probability O(1=n) of failing. Keywords Restricted permutation · random transposition walk · random perfect matching · switch Markov chain · mixing time Mathematics Subject Classification (2010) 65C60 · 68R05 · 05A05 1 Introduction Derangements are permutations s = s1 ···sn on integer n ≥ 2 labels such that si 6= i for all i = 1;:::;n. Derangements are useful in a number of applications like in the testing of software branch instructions and random paths and data randomization and experimental design (Bacher et al.
    [Show full text]
  • One Permutation Hashing
    One Permutation Hashing Ping Li Art B Owen Cun-Hui Zhang Department of Statistical Science Department of Statistics Department of Statistics Cornell University Stanford University Rutgers University Abstract Minwise hashing is a standard procedure in the context of search, for efficiently estimating set similarities in massive binary data such as text. Recently, b-bit minwise hashing has been applied to large-scale learning and sublinear time near- neighbor search. The major drawback of minwise hashing is the expensive pre- processing, as the method requires applying (e.g.,) k = 200 to 500 permutations on the data. This paper presents a simple solution called one permutation hashing. Conceptually, given a binary data matrix, we permute the columns once and divide the permuted columns evenly into k bins; and we store, for each data vector, the smallest nonzero location in each bin. The probability analysis illustrates that this one permutation scheme should perform similarly to the original (k-permutation) minwise hashing. Our experiments with training SVM and logistic regression con- firm that one permutation hashing can achieve similar (or even better) accuracies compared to the k-permutation scheme. See more details in arXiv:1208.1259. 1 Introduction Minwise hashing [4, 3] is a standard technique in the context of search, for efficiently computing set similarities. Recently, b-bit minwise hashing [18, 19], which stores only the lowest b bits of each hashed value, has been applied to sublinear time near neighbor search [22] and learning [16], on large-scale high-dimensional binary data (e.g., text). A drawback of minwise hashing is that it requires a costly preprocessing step, for conducting (e.g.,) k = 200 » 500 permutations on the data.
    [Show full text]
  • Some Problems in Probability Theory Motivated by Number Theory and Mathematical Physics
    Zurich Open Repository and Archive University of Zurich Main Library Strickhofstrasse 39 CH-8057 Zurich www.zora.uzh.ch Year: 2013 Some problems in probability theory motivated by number theory and mathematical physics Barhoumi-Andréani, Yacine Posted at the Zurich Open Repository and Archive, University of Zurich ZORA URL: https://doi.org/10.5167/uzh-88064 Dissertation Published Version Originally published at: Barhoumi-Andréani, Yacine. Some problems in probability theory motivated by number theory and mathematical physics. 2013, University of Zurich, Faculty of Science. Some Problems in Probability Theory Motivated by Number Theory and Mathematical Physics Dissertation zur Erlangung der naturwissenschaftlichen Doktorwürde (Dr. sc. nat.) vorgelegt der Mathematisch-naturwissenschaftlichen Fakultät der Universität Zürich von Yacine Barhoumi-Andréani aus Frankreich Promotionskomitee Prof. Dr. Michael Cranston (Irvine) Prof. Dr. Ashkan Nikeghbali Zürich, 2014 1 Pour Pierre Andréani (31 Mai 1922 - 12 Octobre 2013) 2 Contents 1 Introduction 15 1.1 From random permutations to random isometries . 16 1.1.1 Simulating the uniform measure on the symmetric group . 16 1.1.2 Some distinguished measures on the symmetric group . 17 1.1.3 Coupling all the symmetric groups . 19 1.2 Random isometries . 20 1.2.1 Some ensembles of random matrices . 20 1.2.2 Coupling all the unitary groups . 22 1.3 Questions of eigenvalues . 22 1.3.1 The Weyl integration formula and its avatars . 22 1.3.2 Joint intensities and determinantal processes . 24 1.3.3 Cycles of a random permutation and trace of powers of a random matrix 27 1.4 The characteristic polynomial of a random unitary matrix .
    [Show full text]
  • Mergeshuffle: a Very Fast, Parallel Random Permutation Algorithm
    MergeShuffle: a very fast, parallel random permutation algorithm Axel Bacher Olivier Bodini Alexandros Hollender Universit´eParis 13 Universit´eParis 13 Universit´eParis 13 [email protected] [email protected] J´er´emieLumbroso Princeton University [email protected] Abstract This article introduces an algorithm, MergeShuffle, which is an ex- tremely efficient algorithm to generate random permutations (or to randomly permute an existing array). It is easy to implement, runs in n log2 n + O(1) time, is in-place, uses n log2 n + Θ(n) random bits, and can be parallelized across any number of processes, in a shared-memory PRAM model. Finally, our preliminary simulations using OpenMP1 suggest it is more efficient than the Rao-Sandelius algorithm, one of the fastest existing random permutation algorithms. We also show how it is possible to further reduce the number of random bits consumed, by introducing a second algorithm BalancedShuffle, a variant of the Rao-Sandelius algorithm which is more conservative in the way it recursively partitions arrays to be shuffled. While this algo- rithm is of lesser practical interest, we believe it may be of theoretical value. 1 Introduction Random permutations are a basic combinatorial object, which are useful in their own right for a lot of applications, but also are usually the starting point in the generation of other combinatorial objects, notably through bijections. The well-known Fisher-Yates shuffle [FY48, Dur64] iterates through a sequence from the end to the beginning (or the other way) and for each location i, it swaps the value at i with the value at a random target location j at or before i.
    [Show full text]
  • Discrete Probability [Sp’17]
    Algorithms Lecture 1: Discrete Probability [Sp’17] The first lot fell to Jehoiarib, the second to Jedaiah, the third to Harim, the fourth to Seorim, the fifth to Malkijah, the sixth to Mijamin, the seventh to Hakkoz, the eighth to Abijah, the ninth to Jeshua, the tenth to Shekaniah, the eleventh to Eliashib, the twelfth to Jakim, the thirteenth to Huppah, the fourteenth to Jeshebeab, the fifteenth to Bilgah, the sixteenth to Immer, the seventeenth to Hezir, the eighteenth to Happizzez, the nineteenth to Pethahiah, the twentieth to Jehezkel, the twenty-first to Jakin, the twenty-second to Gamul, the twenty-third to Delaiah, and the twenty-fourth to Maaziah. This was their appointed order of ministering when they entered the temple of the LORD, according to the regulations prescribed for them by their ancestor Aaron, as the LORD, the God of Israel, had commanded him. — 1 Chronicles 24:7–19 (New International Version) The ring worm is not ringed, nor is it worm. It is a fungus. The puff adder is not a puff, nor can it add. It is a snake. The funny bone is not funny, nor is it a bone. It is a nerve. The fishstick is not a fish, nor is it a stick. It is a fungus. — Matt Groening, “Life in Hell” (1986) When Pierre-Simon Laplace described probability theory as “good sense reduced to a calculus,” he intended to disparage neither good sense nor probability theory thereby. — Lorraine Daston, “Enlightenment Calculations” (1994) 1 Discrete Probability Before I start discussing randomized algorithms at all, I need to give a quick formal overview of the relatively small subset of probability theory that we will actually use.
    [Show full text]
  • MERGESHUFFLE: a Very Fast, Parallel Random Permutation Algorithm
    MERGESHUFFLE: A Very Fast, Parallel Random Permutation Algorithm Axel Bacher∗, Olivier Bodiniy, Alexandros Hollenderz, and Jérémie Lumbrosox August 14, 2015 Abstract This article introduces an algorithm, MERGESHUFFLE, which is an extremely efficient algorithm to generate random permutations (or to randomly permute an existing array). It is easy to implement, runs in nlog2n + O(1) time, is in-place, uses nlog2n + Θ(n) random bits, and can be parallelized ac- cross any number of processes, in a shared-memory PRAM model. Finally, our preliminary simulations using OpenMP1 suggest it is more efficient than the Rao-Sandelius algorithm, one of the fastest existing random permutation algorithms. We also show how it is possible to further reduce the number of random bits consumed, by introdu- cing a second algorithm BALANCEDSHUFFLE, a variant of the Rao-Sandelius algorithm which is more conservative in the way it recursively partitions arrays to be shuffled. While this algorithm is of lesser practical interest, we believe it may be of theoretical value. Random permutations are a basic combinatorial object, which are useful in their own right for a lot of applications, but also are usually the starting point in the generation of other combinatorial objects, notably through bijections. The well-known Fisher-Yates shuffle [11, 10] iterates through a sequence from the end to the beginning (or the other way) and for each location i, it swaps the value at i with the value at a random target location j at or before i. This algorithm requires very few steps—indeed a random integer and a swap at each iteration—and so its efficiency and simplicity have until now stood the test of time.
    [Show full text]
  • A New Generation Tree for Permutations, Preserving the Number of Fixed Points Philippe Duchon, Romaric Duvignau
    A new generation tree for permutations, preserving the number of fixed points Philippe Duchon, Romaric Duvignau To cite this version: Philippe Duchon, Romaric Duvignau. A new generation tree for permutations, preserving the number of fixed points. 26th International Conference on Formal Power Series and Algebraic Combinatorics (FPSAC 2014) , Jun 2014, Chicago, United States. pp.679-690. hal-01015604 HAL Id: hal-01015604 https://hal.archives-ouvertes.fr/hal-01015604 Submitted on 30 Jun 2014 HAL is a multi-disciplinary open access L’archive ouverte pluridisciplinaire HAL, est archive for the deposit and dissemination of sci- destinée au dépôt et à la diffusion de documents entific research documents, whether they are pub- scientifiques de niveau recherche, publiés ou non, lished or not. The documents may come from émanant des établissements d’enseignement et de teaching and research institutions in France or recherche français ou étrangers, des laboratoires abroad, or from public or private research centers. publics ou privés. Distributed under a Creative Commons Attribution| 4.0 International License A new generation tree for permutations, preserving the number of fixed points Philippe Duchon ∗1 and Romaric Duvignau †1 1Univ. Bordeaux, LaBRI, UMR 5800, F-33400 Talence, France, CNRS, LaBRI, UMR 5800, F-33400 Talence, France June 30, 2014 Abstract We describe a new uniform generation tree for permutations with the specific property that, for most permutations, all of their descendants in the generation tree have the same number of fixed points. Our tree is optimal for the number of permutations having this property. We then use this tree to describe a new random generation algorithm for derange- ments, using an expected n + O(1) calls to a random number generator.
    [Show full text]
  • Randomness in Cryptography: Theory Meets Practice
    Randomness in Cryptography: Theory Meets Practice Daniel Oliver James Hutchinson Thesis submitted to the University of London for the degree of Doctor of Philosophy Information Security Group Department of Mathematics Royal Holloway, University of London 2018 Declaration These doctoral studies were conducted under the supervision of Prof. Kenneth G. Paterson. The work presented in this thesis is the result of original research carried out by myself, in collaboration with others, whilst enrolled in the Department of Mathe- matics as a candidate for the degree of Doctor of Philosophy. This work has not been submitted for any other degree or award in any other university or educational establishment. Daniel Oliver James Hutchinson March, 2018 2 Acknowledgements I'd like to first thank my supervisor, Kenny Paterson, for his patience, help, and liberal application of boot to my rear. I'm exceptionally grateful to my parents, Wendy and Chris; I'm so glad you got to see me finish this and that I made you proud. I'd like to thank my sister, Claire and the rest of my family, for their love and support. Thanks to my friends, old and new, there are many of you to list, a list too large for this margin. Special thanks goes to Demelza; without your love and support the thesis would've beaten me. Thank you to: James, Lotta, Chris, Ellie; my colleagues in LINKS; my officemates Chel, Christian, James, Rob and Naomi; Lindsay; my Southampton friends; Thalia, Sam, and, lastly, Aaron. Finally, thank you to Rob Esswood for inspiring me so long ago to pursue Mathe- matics; it's your fault.
    [Show full text]